4757 matches found
CVE-2024-47546 GHSL-2024-243: GStreamer has an integer underflow in extract_cc_from_data leading to OOB-read
GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in extractccfromdata function within qtdemux.c. In the FOURCCc708 case, the subtraction atomlength - 8 may result in an underflow if atomlength is less than 8. When that subtraction...
CVE-2024-47546
CVE-2024-47546 affects GStreamer, specifically the qtdemux.c path in the FourCC c708 parsing. The underlying issue is an integer underflow in extract_cc_from_data where atom_length - 8 can underflow if atom_length
CVE-2024-47546
GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in extractccfromdata function within qtdemux.c. In the FOURCCc708 case, the subtraction atomlength - 8 may result in an underflow if atomlength is less than 8. When that subtraction...
CVE-2024-47546 GHSL-2024-243: GStreamer has an integer underflow in extract_cc_from_data leading to OOB-read
GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in extractccfromdata function within qtdemux.c. In the FOURCCc708 case, the subtraction atomlength - 8 may result in an underflow if atomlength is less than 8. When that subtraction...
CVE-2024-47546
GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in extractccfromdata function within qtdemux.c. In the FOURCCc708 case, the subtraction atomlength - 8 may result in an underflow if atomlength is less than 8. When that subtraction...
CVE-2024-47545 GHSL-2024-242: GStreamer has an integer underflow in FOURCC_strf parsing leading to OOB-read
GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in qtdemuxparsetrak function within qtdemux.c. During the strf parsing case, the subtraction size -= 40 can lead to a negative integer overflow if it is less than 40. If this happen...
CVE-2024-47545 GHSL-2024-242: GStreamer has an integer underflow in FOURCC_strf parsing leading to OOB-read
GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in qtdemuxparsetrak function within qtdemux.c. During the strf parsing case, the subtraction size -= 40 can lead to a negative integer overflow if it is less than 40. If this happen...
CVE-2024-47545
CVE-2024-47545 affects GStreamer components (notably qtdemux in qtdemux.c) where an integer underflow during the strf parsing case allows size to underflow, leading to an OOB-read via a large memcpy in gst_buffer_fill. The issue is documented across multiple advisories and is fixed in GStreamer 1...
CVE-2024-47545
GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in qtdemuxparsetrak function within qtdemux.c. During the strf parsing case, the subtraction size -= 40 can lead to a negative integer overflow if it is less than 40. If this happen...
CVE-2024-47545 GHSL-2024-242: GStreamer has an integer underflow in FOURCC_strf parsing leading to OOB-read
GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in qtdemuxparsetrak function within qtdemux.c. During the strf parsing case, the subtraction size -= 40 can lead to a negative integer overflow if it is less than 40. If this happen...
CVE-2024-47545
GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in qtdemuxparsetrak function within qtdemux.c. During the strf parsing case, the subtraction size -= 40 can lead to a negative integer overflow if it is less than 40. If this happen...
Siemens Solid Edge V2024 Integer Underflow Vulnerability
Solid Edge is a portfolio of software tools to address a variety of product development processes: 3D design, simulation, manufacturing and design management. Siemens Solid Edge V2024 suffers from an integer underflow vulnerability that can be exploited by an attacker to execute code in the conte...
GStreamer 数字错误漏洞
GStreamer is the GStreamer open source set of frameworks for processing streaming media. A numeric error vulnerability exists in GStreamer versions prior to 1.24.10, which stems from an integer underflow detected in the qtdemuxparsetrak function in qtdemux.c. The vulnerability is caused by the...
GStreamer 输入验证错误漏洞
GStreamer is the GStreamer open source set of frameworks for processing streaming media. An input validation error vulnerability exists in GStreamer that stems from an integer underflow detected in the qtdemuxparsetheoraextension function in qtdemux.c. The vulnerability is caused by the detection...
PT-2024-10371
Name of the Vulnerable Software and Affected Versions GStreamer versions prior to 1.24.10 Description GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in the extract cc from data function within qtdemux.c. In the FOURCC c708 case,...
PT-2024-10366
Name of the Vulnerable Software and Affected Versions GStreamer versions prior to 1.24.10 Description The issue is related to an integer underflow in the qtdemux parse theora extension function within qtdemux.c. This underflow causes the size variable to hold a large unintended value when cast to...
PT-2024-10370
Name of the Vulnerable Software and Affected Versions GStreamer versions prior to 1.24.10 Description The issue is related to an integer underflow in the qtdemux parse trak function within qtdemux.c. This underflow can occur during the strf parsing case when the subtraction size -= 40 results in ...
GStreamer 数字错误漏洞
GStreamer is the GStreamer open source set of frameworks for processing streaming media. A numeric error vulnerability exists in GStreamer versions prior to 1.24.10, which stems from an integer underflow detected in the extractccfromdata function in qtdemux.c. The vulnerability is caused by a...
CVE-2024-53955
Bridge versions 14.1.3, 15.0 and earlier are affected by an Integer Underflow Wrap or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2024-53955
Bridge versions 14.1.3, 15.0 and earlier are affected by an Integer Underflow Wrap or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...